ASP,管理使用邮件自动找回密码

网络整理 - 09-14
本人最近在做个网站后台,在管理用户的时候,有个找回密码的功能。
首先说说原理:在用户表中加个字段pn,记录用户找回密码时候产生的一个随机字符串:用户名经过MD5加密之后加上Session.SessionId用MD5加密之后的结果,
以下内容为程序代码:
function GetPn(AdminName,SId)
GetPn = Lcase(MD5(AdminName) & MD5(SId))
end function

以下内容为程序代码:
pn = GetPn(rs("adminName"),Session.SessionID)
url = "http://"&Request.ServerVariables("SERVER_NAME")&SPort&Request.ServerVariables("SCRIPT_NAME")&"?pn="&pn&""
产生一个URL地址,并将该地址发送到用户的电子邮件中,用户点击该地址后,系统检测与pn相同的用户名,之后弹出修改密码的窗口。
缺点:没有加入Sql注入的检测

代码如下:
GetPass.Asp

以下内容为程序代码:

<!--#include file="../inc/conn.asp" -->
<!--#include file="../inc/MD5.asp" -->
<!--#include file="../inc/fun_admin.asp" -->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>管理员找回密码</title>
<link href="../css/admin.css" type="text/css">

</head>

<body>
<%
if trim(Request.QueryString)="modify" then
'修改密码
if not Check_Code(Trim(Request.Form("GetCode"))) then
%>
<script language="javascript">
alert("验证码输入错误,请重新输入!");
history.back();
</script>
<%
CloseDatabase
Response.End()
end if
pn = checkStr(Trim(Request.Form("pn")))
if pn ="" then
%>
<script language="javascript">
alert("提交错误!");
history.back();
</script>
<%
CloseDatabase
Response.End()
end if
AdminPass=Trim(Request.Form("AdminPass"))
if AdminPass <> Trim(Request.Form("AdminPass2")) then
%>
<script language="javascript">
alert("两次输入密码不一致!");
history.back();
</script>
<%
CloseDatabase
Response.End()
end if
call Modyfy_Admin_Pass_pn(pn,AdminPass)
%>
<script language="javascript">
alert("密码修改成功,请牢记新密码!");
window.location.href='Login.htm';
</script>
<%
elseif trim(Request.QueryString)="get" then
AdminName=Request.Form("AdminName")
if isnull(AdminName) or trim(AdminName)="" then
%>
<script language="javascript">
alert("请输入你的用户名!");
history.back();
</script>
<%
CloseDatabase
Response.End()
end if
if not Check_Code(Trim(Request.Form("GetCode"))) then
%>
<script language="javascript">
alert("验证码输入错误,请重新输入!");
history.back();
</script>
<%
CloseDatabase
Response.End()
end if
set rs = Server.CreateObject("Adodb.RecordSet")
pn=""
adminEmail = ""
TrueName =""
rs.open "select * from SysAdmin where AdminName='"&AdminName&"'",conn,1,3
AdminName=""
if not rs.eof then
pn = GetPn(rs("adminName"),Session.SessionID)
adminEmail = rs("AdminEmail")
TrueName =rs("TrueName")
AdminName=rs("AdminName")
rs("pn") = pn
rs.update
end if
rs.close
set rs = nothing
if pn<>"" then
Sport = trim(Request.ServerVariables("SERVER_PORT"))
if Sport = "80" then
Sport = ""
else
SPort = ":"&SPort
end if
url = "http://"&Request.ServerVariables("SERVER_NAME")&SPort&Request.ServerVariables("SCRIPT_NAME")&"?pn="&pn&""
mailbody = AdminName & "("&TrueName&") 你好:" & vbcrlf
mailbody = mailbody & " 下面是您的找回密码的方法,请点击下面的连接设置您的密码!<br>"&vbcrlf
'mailbody = mailbody & "<a href="""&url&""" target=""_blank"">"&url&"</a><br><br>" & vbcrlf
mailbody = mailbody & "点这里进入设置页面" & vbcrlf
mailbody = mailbody & "看不到地址,请复制下面的地址到浏览器"&url & vbcrlf
call Jmail(adminEmail,"管理员找回密码方法",mailbody)
%>
<script language="javascript">
<%if SendMail="OK" then%>
alert("密码找回方法已经发到你的邮箱里,请及时修改!");
<%else%>
alert("由于系统错误,给您发邮件时发生错误,请联系管理员修改您的用户密码");
<%end if%>
window.location.href='http://www.cuoxin.com/';
</script>
<%
end if
elseif trim(Request.QueryString("pn"))<>"" then
pn = trim(Request.QueryString("pn"))
set rs = Server.CreateObject("Adodb.RecordSet")
AdminName =""
rs.open "select * from SysAdmin where pn='"&pn&"'",conn,1,1
if not rs.eof then
AdminName = rs("AdminName")
end if
rs.close
if AdminName="" then
%>
<script language="javascript">
alert("参数错误,请返回!");
window.location.href='http://www.cuoxin.com/';
</script>
<%
else
%>
<script language="javascript">
function CheckForm(frm)
{
if(frm.AdminPass.value=="")
{
alert("请填写新密码");
frm.AdminPass.focus();
return false;
}
if(frm.AdminPass2.value=="")
{
alert("请填写确认新密码");
frm.AdminPass2.focus();
return false;
}
if (frm.AdminPass.value != frm.AdminPass2.value)
{
alert("两次输入密码不一致,请重新输入!");
frm.AdminPass.value="";
frm.AdminPass2.value="";
frm.AdminPass.focus();
return false;
}
if(frm.GetCode.value=="")
{
alert("请填写验证码");
frm.GetCode.focus();
return false;
}
if(frm.GetCode.value.length!=4)
{
alert("请填写正确的验证码");
frm.GetCode.focus();
return false;
}
return true;

}
</script>
<form method="post" action="GetPass.asp?modify" >
<br>
<br>
<br>
<br>
<br>
<br>
<table cellpadding="3" cellspacing="1" bgcolor="#CCCCCC">
<tr bgcolor="#FAFAFA">
<td colspan="2"><strong> 重设密码(Modify User Pass)</strong></td>
</tr>
<tr>
<td>用户名:</td>
<td><input type="text" readonly="true" size="12" maxlength="20" value="<%=AdminName%>"><input type="hidden" size="12" maxlength="20" value="<%=pn%>"></td>
</tr>
<tr>
<td>新密码:</td>
<td><input type="password" size="12" maxlength="20"></td>
</tr>
<tr>
<td>确认新密码:</td>
<td><input type="password" size="12" maxlength="20"></td>
</tr>
<tr>
<td>请输入右边的验证码:</td>
<td><input onkeyup="if(isNaN(value))execCommand('undo')" onafterpaste="if(isNaN(value))execCommand('undo')" type="text" size="5" maxlength="5">
<img src="../GetCode.asp"></td>
</tr>
<tr>
<td colspan="2"><input type="submit" value="确 定">
<input type="reset" value="取 消" > </td>
</tr>
</table>
</form>

<%
end if
else
%>
<script language="javascript">
function CheckForm(frm)
{
if(frm.AdminName.value=="")
{
alert("请填写登陆用户名");
frm.AdminName.focus();
return false;
}
if (frm.AdminPass.value != frm.AdminPass2.value)
{
alert("两次输入密码不一致,请重新输入!");
frm.AdminPass.value="";
frm.AdminPass2.value="";
frm.AdminPass.focus();
return false;
}
if(frm.GetCode.value=="")
{
alert("请填写验证码");
frm.GetCode.focus();
return false;
}
if(frm.GetCode.value.length!=4)
{
alert("请填写正确的验证码");
frm.GetCode.focus();
return false;
}
return true;

}
</script>
<form method="post" action="GetPass.asp?get" >
<br>
<br>
<br>
<br>
<br>
<br>
<table cellpadding="3" cellspacing="1" bgcolor="#CCCCCC">
<tr bgcolor="#FAFAFA">
<td colspan="2"><strong> 找回密码(Get User Pass)</strong></td>
</tr>
<tr>
<td colspan="2">说明:如果您忘记了你的用户密码,请在下面的用户名输入框中输入您的拥护名,点确定。系统会发送一封找会密码的电子邮件到您的联系Email中,如果还不能找回密码,请<a href="mailt<%=SysEmail%>">联系管理员(<%=SysEmail%>)</a>。</td>
</tr>
<tr>
<td>请输入您的用户名:</td>
<td><input type="text" size="12" maxlength="20"></td>
</tr>
<tr>
<td>请输入右边的验证码:</td>
<td><input onkeyup="if(isNaN(value))execCommand('undo')" onafterpaste="if(isNaN(value))execCommand('undo')" type="text" size="5" maxlength="5">
<img src="../GetCode.asp"></td>
</tr>
<tr>
<td colspan="2"><input type="submit" value="确 定">
<input type="reset" value="取 消" > </td>
</tr>
</table>
</form>
<%end if
CloseDatabase
%>
</body>
</html>

fun_admin.asp

以下内容为程序代码


<%
'用户 找回密码的时候产生的验证码,只有当用户名和验证玛一致时才能修改密码
'一律使用小写
function GetPn(AdminName,SId)
GetPn = Lcase(MD5(AdminName) & MD5(SId))
end function

Public Function IsObjInstalled(strClassString)
On Error Resume Next
Dim xTestObj
Set xTestObj = Server.CreateObject(strClassString)
If Err Then
IsObjInstalled = False
else
IsObjInstalled = True
end if
Set xTestObj = Nothing
End Function
dim SendMail
sub Jmail(email,topic,mailbody)
Dim JMail
if not IsObjInstalled("JMail.Message") then
SendMail="NO"
exit sub
end if
Set JMail = Server.CreateObject("JMail.Message")

JMail.Charset = "gb2312" ' 邮件字符集,默认为"US-ASCII"
' JMail.ISOEncodeHeaders = False ' 是否进行ISO编码,默认为True

' 发送者信息(可用变量方式赋值)
JMail.From = SysEmail'"[email protected]" ' 发送者邮箱
JMail.FromName = "管理员" ' 发送者姓名
JMail.Subject = topic ' 邮件主题

' 身份验证
JMail.MailServerUserName = EmailName ' 身份验证的用户名
JMail.MailServerPassword = EmailPass ' 身份验证的密码

' 设置优先级,范围从1到5,越大的优先级越高,3为普通
JMail.Priority = 3

JMail.AddHeader "Originating-IP", Request.ServerVariables("REMOTE_ADDR")

' 加入一个收件人【变量email:收件人地址】可以同一语句重复加入多个
JMail.AddRecipient(email)

' 邮件主体(HTML(注意信件内链接附件的方式))
JMail.HTMLBody = UBBCode(mailbody)
JMail.Body = HTMLDecode(UBBCode(mailbody))

' 发送【调用格式:objJMail.Send([username:password@]SMTPServerAddress[:Port])】
'JMail.Send("user:[email protected]")
SendInfo=JMail.Send(EmailName&":"&EmailPass&"@"&EmailServer)

' 关闭并清除对象
JMail.Close()
Set JMail = Nothing

if not SenInfo then
SendMail="OK"
else
SendMail="NO"
end if

end sub


Function chkemail(strEmailAddr)
Dim re
Set re = new RegExp
re.pattern = "^[a-zA-Z][A-Za-z0-9_.-]+@[a-zA-Z0-9_]+?\.[a-zA-Z]{2,3}$"
chkemail=re.Test(strEmailAddr)
end function
Function chkoicq(oicq)
Dim re1
Set re1 = new RegExp
re1.IgnoreCase = false
re1.global = false
re1.Pattern = "[0-9]{4,9}$"
chkoicq = re1.Test(oicq)
End Function

function DateToStr(dtDateTime)
DateToStr = year(dtDateTime) & doublenum(Month(dtdateTime)) & doublenum(Day(dtdateTime)) & doublenum(Hour(dtdateTime)) & doublenum(Minute(dtdateTime)) & doublenum(Second(dtdateTime)) & ""
end function


rem ------------ubb代码
function ChkBadWords(fString)
bwords = split(BadWords, "|")
for i = 0 to ubound(bwords)
fString = Replace(fString, bwords(i), string(len(bwords(i)),"*"))
next
ChkBadWords = fString
end function

function HTMLEncode(fString)
if not isnull(fString) then
fString = replace(fString, ">", ">")
fString = replace(fString, "<", "<")

fString = Replace(fString, CHR(32)&CHR(32), " ")
fString = Replace(fString, CHR(34), """)
fString = Replace(fString, CHR(39), "'")
fString = Replace(fString, CHR(13), "")
' fString = Replace(fString, CHR(10) & CHR(10), "</P><P> ")
fString = Replace(fString, CHR(10), "<BR> ")
HTMLEncode = fString
end if

end function

'以下Html转化可用
function HTMLEncode2(fString)
fString = Replace(fString, CHR(32)&CHR(32)&CHR(32), "  ")
fString = Replace(fString, CHR(13), "")
'fString = Replace(fString, CHR(10), "<br>")
fString = Replace(fString, CHR(10)& CHR(10), "<br>")
HTMLEncode2 = fString
end function

function HTMLDecode(fString)
fString = replace(fString, ">", ">")
fString = replace(fString, "<", "<")
fString = Replace(fString, "  ", CHR(32)&CHR(32)&CHR(32))
fString = Replace(fString, "</P><P>", CHR(10) & CHR(10))
fString = Replace(fString, "<BR>", CHR(10))
fString = Replace(fString, "<br>", CHR(10))
fString = Replace(fString, " ", "CHR(32)")
fString = Replace(fString, " ", " ")
HTMLDecode = fString
end function

function UBBCode(strContent)
dim re
Set re=new RegExp
re.IgnoreCase =true
re.Global=True


re.Pattern="\[DIR=*([0-9]*),*([0-9]*)\](.[^\[]*)\[\/DIR]"
strContent=re.Replace(strContent,"<object classid=clsid:166B1BCA-3F9C-11CF-8075-444553540000 codebase=http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab#version=7,0,2,0 width=$1 height=$2><param name=src value=$3><embed src=$3 pluginspage=http://www.macromedia.com/shockwave/download/ width=$1 height=$2></embed></object>")
re.Pattern="\[QT=*([0-9]*),*([0-9]*)\](.[^\[]*)\[\/QT]"
strContent=re.Replace(strContent,"<embed src=$3 width=$1 height=$2 autoplay=true loop=false controller=true playeveryframe=false cache=false scale=TOFIT bgcolor=#000000 kioskmode=false targetcache=false pluginspage=http://www.apple.com/quicktime/>")
re.Pattern="\[MP=*([0-9]*),*([0-9]*)\](.[^\[]*)\[\/MP]"
strContent=re.Replace(strContent,"<object align=middle classid=CLSID:22d6f312-b0f6-11d0-94ab-0080c74c7e95 class=OBJECT id=MediaPlayer width=$1 height=$2 ><param name=ShowStatusBar value=-1><param name=Filename value=$3><embed type=application/x-oleobject codebase=http://activex.microsoft.com/activex/controls/mplayer/en/nsmp2inf.cab#Version=5,1,52,701 flename=mp src=$3 width=$1 height=$2></embed></object>")
re.Pattern="\[RM=*([0-9]*),*([0-9]*)\](.[^\[]*)\[\/RM]"
strContent=re.Replace(strContent,"<OBJECT classid=clsid:CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA class=OBJECT id=RAOCX width=$1 height=$2><PARAM NAME=SRC VALUE=$3><PARAM NAME=CONSOLE VALUE=Clip1><PARAM NAME=CONTROLS VALUE=imagewindow><PARAM NAME=AUTOSTART VALUE=true></OBJECT><br><OBJECT classid=CLSID:CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA height=32 id=video2 width=$1><PARAM NAME=SRC VALUE=$3><PARAM NAME=AUTOSTART VALUE=-1><PARAM NAME=CONTROLS VALUE=controlpanel><PARAM NAME=CONSOLE VALUE=Clip1></OBJECT>")

' if strflash= "1" then
re.Pattern="(\[FLASH\])(.[^\[]*)(\[\/FLASH\])"
strContent= re.Replace(strContent,"<OBJECT codeBase=http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=4,0,2,0 classid=clsid:D27CDB6E-AE6D-11cf-96B8-444553540000 width=500 height=400><PARAM NAME=movie VALUE=""$2""><PARAM NAME=quality VALUE=high><embed src=""$2"" quality=high pluginspage='http://www.macromedia.com/shockwave/download/index.cgi?P1_Prod_Version=ShockwaveFlash' type='application/x-shockwave-flash' width=500 height=400>$2</embed></OBJECT>")
'end if

re.Pattern="(\[ZIP\])(.[^\[]*)(\[\/ZIP\])"
strContent=re.Replace(strContent,"<br><IMG SRC=http://www.jz123.cn/Article/10/130/2005/pic/zip.gif border=0> <a href=""$2"">点击下载该文件</a>")
re.Pattern="(\[RAR\])(.[^\[]*)(\[\/RAR\])"
strContent=re.Replace(strContent,"<br><IMG SRC=http://www.jz123.cn/Article/10/130/2005/pic/rar.gif border=0> <a href=""$2"">点击下载该文件</a>")
re.Pattern="(\[UPLOAD=(.[^\[]*)\])(.[^\[]*)(\[\/UPLOAD\])"
strContent= re.Replace(strContent,"<br><A HREF=""$3"" TARGET=_blank><IMG SRC=""$3"" border=0 alt=按此在新窗口浏览图片javascript:if(this.width>screen.width-333)this.width=screen.width-333""></A>")

re.Pattern="(\[URL\])(http:\/\/.[^\[]*)(\[\/URL\])"
strContent= re.Replace(strContent,"<A HREF=""$2"" TARGET=_blank>$2</A>")
re.Pattern="(\[URL\])(.[^\[]*)(\[\/URL\])"
strContent= re.Replace(strContent,"<A HREF=""http://$2"" TARGET=_blank>$2</A>")

re.Pattern="(\[URL=(http:\/\/.[^\[]*)\])(.[^\[]*)(\[\/URL\])"
strContent= re.Replace(strContent,"<A HREF=""$2"" TARGET=_blank>$3</A>")
re.Pattern="(\[URL=(.[^\[]*)\])(.[^\[]*)(\[\/URL\])"
strContent= re.Replace(strContent,"<A HREF=""http://$2"" TARGET=_blank>$3</A>")

re.Pattern="(\[EMAIL\])(\S+\@.[^\[]*)(\[\/EMAIL\])"
strContent= re.Replace(strContent,"<img align=absmiddle src=http://www.jz123.cn/Article/10/130/2005/pic/email1.gif><A HREF=""mailt$2"">$2</A>")
re.Pattern="(\[EMAIL=(\S+\@.[^\[]*)\])(.[^\[]*)(\[\/EMAIL\])"
strContent= re.Replace(strContent,"<img align=absmiddle src=http://www.jz123.cn/Article/10/130/2005/pic/email1.gif><A HREF=""mailt$2"" TARGET=_blank>$3</A>")

're.Pattern = "^([A-Za-z0-9\./=\?%\-&_~`@':+!]+)"
'strContent = re.Replace(strContent,"<a target=_blank href=$1>$1</a>")
're.Pattern = "([A-Za-z0-9\./=\?%\-&_~`@':+!]+)$"
'strContent = re.Replace(strContent,"<a target=_blank href=$1>$1</a>")
're.Pattern = "[^>=""]([A-Za-z0-9\./=\?%\-&_~`@':+!]+)"
'strContent = re.Replace(strContent,"<a target=_blank href=$1>$1</a>")
re.Pattern = "^(ftp://[A-Za-z0-9\./=\?%\-&_~`@':+!]+)"
strContent = re.Replace(strContent,"<a target=_blank href=$1>$1</a>")
re.Pattern = "(ftp://[A-Za-z0-9\./=\?%\-&_~`@':+!]+)$"
strContent = re.Replace(strContent,"<a target=_blank href=$1>$1</a>")
re.Pattern = "[^>=""](ftp://[A-Za-z0-9\.\/=\?%\-&_~`@':+!]+)"
strContent = re.Replace(strContent,"<a target=_blank href=$1>$1</a>")
re.Pattern = "^(rtsp://[A-Za-z0-9\./=\?%\-&_~`@':+!]+)"
strContent = re.Replace(strContent,"<a target=_blank href=$1>$1</a>")
re.Pattern = "(rtsp://[A-Za-z0-9\./=\?%\-&_~`@':+!]+)$"
strContent = re.Replace(strContent,"<a target=_blank href=$1>$1</a>")
re.Pattern = "[^>=""](rtsp://[A-Za-z0-9\.\/=\?%\-&_~`@':+!]+)"
strContent = re.Replace(strContent,"<a target=_blank href=$1>$1</a>")
re.Pattern = "^(mms://[A-Za-z0-9\./=\?%\-&_~`@':+!]+)"
strContent = re.Replace(strContent,"<a target=_blank href=$1>$1</a>")
re.Pattern = "(mms://[A-Za-z0-9\./=\?%\-&_~`@':+!]+)$"
strContent = re.Replace(strContent,"<a target=_blank href=$1>$1</a>")
re.Pattern = "[^>=""](mms://[A-Za-z0-9\.\/=\?%\-&_~`@':+!]+)"
strContent = re.Replace(strContent,"<a target=_blank href=$1>$1</a>")

if strIcons = "1" then
re.Pattern="(\[em(.[^\[]*)\])"
strContent=re.Replace(strContent,"<img src=http://www.jz123.cn/Article/10/130/2005/pic/em$2.gif border=0 align=middle>")
end if

re.Pattern="(\[HTML\])(.[^\[]*)(\[\/HTML\])"
strContent=re.Replace(strContent,"<table cellspacing='0' cellpadding='6' bgcolor=#F7F7F7><td><b>以下内容为程序代码:</b><br>$2</td></table>")
re.Pattern="(\[code\])(.[^\[]*)(\[\/code\])"
strContent=re.Replace(strContent,"<table cellspacing='0' cellpadding='6' bgcolor=#F7F7F7><td><b>以下内容为程序代码:</b><br>$2</td></table>")

re.Pattern="(\[color=(.[^\[]*)\])(.[^\[]*)(\[\/color\])"
strContent=re.Replace(strContent,"<font color=$2>$3</font>")
re.Pattern="(\[face=(.[^\[]*)\])(.[^\[]*)(\[\/face\])"
strContent=re.Replace(strContent,"<font face=$2>$3</font>")
re.Pattern="(\[align=(.[^\[]*)\])(.*)(\[\/align\])"
strContent=re.Replace(strContent,"<div align=$2>$3</div>")

re.Pattern="(\[QUOTE\])(.*)(\[\/QUOTE\])"
strContent=re.Replace(strContent,"<table cellpadding=0 cellspacing=0 border=0 WIDTH=94% bgcolor=#F6F6F6 align=center><tr><td><table width=100% cellpadding=5 cellspacing=1 border=0><TR><TD BGCOLOR='"&abgcolor&"'>$2</table></table><br>")
re.Pattern="(\[fly\])(.*)(\[\/fly\])"
strContent=re.Replace(strContent,"<marquee width=90% behavior=alternate scrollamount=3>$2</marquee>")
re.Pattern="(\[move\])(.*)(\[\/move\])"
strContent=re.Replace(strContent,"<MARQUEE scrollamount=3>$2</marquee>")
re.Pattern="\[GLOW=*([0-9]*),*(#*[a-z0-9]*),*([0-9]*)\](.[^\[]*)\[\/GLOW]"
strContent=re.Replace(strContent,"<table width=$1filter:glow(color=$2, strength=$3)"">$4</table>")
re.Pattern="\[SHADOW=*([0-9]*),*(#*[a-z0-9]*),*([0-9]*)\](.[^\[]*)\[\/SHADOW]"
strContent=re.Replace(strContent,"<table width=$1filter:shadow(color=$2, strength=$3)"">$4</table>")

re.Pattern="(\[i\])(.[^\[]*)(\[\/i\])"
strContent=re.Replace(strContent,"<i>$2</i>")
re.Pattern="(\[u\])(.[^\[]*)(\[\/u\])"
strContent=re.Replace(strContent,"<u>$2</u>")
re.Pattern="(\[b\])(.[^\[]*)(\[\/b\])"
strContent=re.Replace(strContent,"<b>$2</b>")
re.Pattern="(\[fly\])(.[^\[]*)(\[\/fly\])"
strContent=re.Replace(strContent,"<marquee>$2</marquee>")

re.Pattern="(\[size=1\])(.[^\[]*)(\[\/size\])"
strContent=re.Replace(strContent,"<font size=1>$2</font>")
re.Pattern="(\[size=2\])(.[^\[]*)(\[\/size\])"
strContent=re.Replace(strContent,"<font size=2>$2</font>")
re.Pattern="(\[size=3\])(.[^\[]*)(\[\/size\])"
strContent=re.Replace(strContent,"<font size=3>$2</font>")
re.Pattern="(\[size=4\])(.[^\[]*)(\[\/size\])"
strContent=re.Replace(strContent,"<font size=4>$2</font>")

strContent = doCode(strContent, "", "", "<ul>", "</ul>")
strContent = doCode(strContent, "", "", "<ol type=1>", "</ol id=1>")
strContent = doCode(strContent, "", "", "<ol type=a>", "</ol id=a>")
strContent = doCode(strContent, "

  • ", "
  • [/*]", "<li>", "</li>")

    re.Pattern="(\[center\])(.[^\[]*)(\[\/center\])"
    strContent=re.Replace(strContent,"<center>$2</center>")

    strContent=ChkBadWords(strContent)

    set re=Nothing
    UBBCode=strContent
    end function

    function doCode(fString, fOTag, fCTag, fROTag, fRCTag)
    fOTagPos = Instr(1, fString, fOTag, 1)
    fCTagPos = Instr(1, fString, fCTag, 1)
    while (fCTagPos > 0 and fOTagPos > 0)
    fString = replace(fString, fOTag, fROTag, 1, 1, 1)
    fString = replace(fString, fCTag, fRCTag, 1, 1, 1)
    fOTagPos = Instr(1, fString, fOTag, 1)
    fCTagPos = Instr(1, fString, fCTag, 1)
    wend
    doCode = fString
    end function

    function IsValidEmail(email)

    dim names, name, i, c

    'Check for valid syntax in an email address.

    IsValidEmail = true
    names = Split(email, "@")
    if UBound(names) <> 1 then
    IsValidEmail = false
    exit function
    end if
    for each name in names
    if Len(name) <= 0 then
    IsValidEmail = false
    exit function
    end if
    for i = 1 to Len(name)
    c = Lcase(Mid(name, i, 1))
    if InStr("abcdefghijklmnopqrstuvwxyz_-.", c) <= 0 and not IsNumeric(c) then
    IsValidEmail = false
    exit function
    end if
    next
    if Left(name, 1) = "." or Right(name, 1) = "." then
    IsValidEmail = false
    exit function
    end if
    next
    if InStr(names(1), ".") <= 0 then
    IsValidEmail = false
    exit function
    end if
    i = Len(names(1)) - InStrRev(names(1), ".")
    if i <> 2 and i <> 3 then
    IsValidEmail = false
    exit function
    end if
    if InStr(email, "..") > 0 then
    IsValidEmail = false
    end if

    end function
    sub Modyfy_Admin_Pass_pn(pn,AdminPass)
    if isnull(pn) or trim(pn)="" then exit sub
    conn.execute("update SysAdmin set AdminPass='"&MD5(AdminPass)&"',pn='' where pn='"&pn&"'")
    end sub
    function Check_Code(InputStr)
    Check_Code = true
    if isnull(InputStr) or trim(InputStr)="" then
    Check_Code = false
    exit function
    end if
    if trim(InputStr)<>Trim(Session("GetCode")) then
    Check_Code = false
    exit function
    end if

    end function
    %>